On Wed, Jan 13, 2021 at 05:20:16PM -0500, Matthew Miller wrote: > On Wed, Jan 13, 2021 at 02:12:30PM -0800, Kevin Fenzi wrote: > > Yes, tokens. Kerberos is not very feasable due to various constraints. > > I'm curious what the constraints are. Currently the reason ssh works is because users in the packager group have actual, real, full accounts on the server. We then override the command(s) they can run to the pagure wrapper. We want to move away from any users have any kind of 'real' accounts there. So, then it becomes what pagure can support, and it has no Kerberos support. It could be added I suppose, but it doesn't exist at all currently. kevin
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ packaging mailing list -- packaging@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to packaging-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/packaging@xxxxxxxxxxxxxxxxxxxxxxx
